Phishing

(get it in RSS or Atom)

More iCloud phishing: don't get sucked in

It's easy to justify checking out spams and scams, on the "better safe than sorry" principle.

Don't do it!

You just end up one click closer to catastrophe.

Psychological profile-based security - could it work?

Image of psychedelic background brain courtesy of Shutterstock.

Fujitsu's working on technology that can assign security countermeasures based on a user's psychological profile and risk tendencies - warning them ahead of time, before an attack can be carried out successfully.

"Obamacare" phishing email leads to banking malware‏

dol-fake-250

Unfortunately, official emails and web bulletins are a handy source of believable content for scammers.

This time, it's a Department of Labor bulletin "borrowed" to help distributed a variant of the infamous Vawtrak banking malware.

Phish of the Week - when adjectives just aren't enough

We aren't really supposed to chuckle at spams and scams.

But here's a phishing story that will make you smile yet still be educational...

SSCC 179 - What kind of a name is "Lizard Squad"? [PODCAST]

Here's the latest episode of our regular security podcast.

This week: phishing, spamming, zombification, SCADA and the Internet of Things, and the curiously named cybervandals that go by "Lizard Squad."

Can malware and hackers really cause giant physical disasters?

Could you really have a hacker or malware initiated meltdown?

Yes, says the 2014 report of the German Office for Information Security...

Yes, I got an iTunes gift card for Christmas - but HOW DID THE CROOKS KNOW THAT?

You *are* being doubly cautious for phishing campaigns over the holiday season, aren't you?

Spammers and scammers don't have to know anything about you to hit the bullseye in what might feel like a targeted attack.

The email that caused a literal meltdown - 60 Sec Security [VIDEO]

Enjoy the last episode of "60 Second Security" for 2014!

Learn from the week's news in just one minute...

SSCC 178 - Are we there yet? [PODCAST]

Here's the latest episode of our weekly security podcast.

Enjoy...and "Happy Holidays," whether you're away on vacation yourself, or a sysadmin enjoying the time when everyone else is on vacation!

Yes, ICANN keep your data safe...oops, sorry, no I can't - 60 Sec Security [VIDEO]

Time for the latest episode of our weekly 60 Second Security video!

The news, in just one minute...enjoy.

Spear-phishers grab emails from internet overseer ICANN

ICANN logo

Yes, the DNS overlord fell for spear phishing. No, the internet's spine was NOT broken, given that the intruders only gained "read", not "write", access. Thank goodness!

Don’t let the Grinch steal Christmas: how to avoid festive fraudsters

Don’t let the Grinch steal Christmas: tips for avoiding festive fraudsters

Take a little more time to record what you've bought, from who or where, and how much it cost - and don't let your guard slip at this hectic time of year.

5 online scams to watch out for this Black Friday and Cyber Monday

Special offer. Image courtesy of Shutterstock

The traditional kickoff to the holiday shopping season is also an opportune time for cybercriminals, scam artists and conmen to gear up their activities.

Here are the top 5 online scams to watch out for...

Old-time phishing scams are working just fine, Google finds

Old-time phishing scams are working just fine, Google finds

A new Google study has found that the true masterpieces of phishing are successful 45% of the time. It's just another example of how phishers may be old dogs, but they can sure learn new tricks.

SSCC 172 - Ransomware's not dead! [PODCAST]

Here's the latest episode of our weekly security podcast.

News you can use!

GATSO! Speed camera phish leads to CryptoLocker ransomware clone...

gatso-250

Recently, we came across an intriguing phishing campaign that combines two feared products of the information age.

Gatsos (speed cameras) and ransomware, rolled into one attack!

Google goes beyond two-step verification with new USB Security Key

Google 2SV

Google's adding support for a physical USB second factor that will first verify the login site as being a true Google website, not a fake site pretending to be Google, before it hands over a cryptographic signature.

Attacker takes over Facebook page set up for 'Bucket List Baby' Shane, posts porn

Attacker takes over Facebook page set up for 'Bucket List Baby' Shane, posts porn

A Facebook page set up to chronicle the extremely short life of a baby with the rare, terminal condition of anencephaly was hijacked within days of the infant's death and set to display lewd images. The parents, who had lost their child mere days before, fell for one of the most vile phishing attacks ever.

5 steps to lock down your webmail account

5 steps to lock down your webmail account

For most people Gmail, Outlook.com or Yahoo! Mail is their main personal account. Here are some of the most important steps to keep unwanted people out of your web-based email account.